const basicAuth = require('basic-auth')
const jwt = require('jsonwebtoken')

class Auth {
  constructor(level=1) {
    this.level = level
    Auth.USER = 8
    Auth.ADMIN = 16
    Auth.SUPER_ADMIN = 32
  }

  get m() {
    return async (ctx, next) => {
      const userToken = basicAuth(ctx.req)
      let tokenMsg = 'token不合法'
      if (!userToken || !userToken.name) {
        throw new global.errors.Forbbiden(tokenMsg)
      }

      try {
        var decode = jwt.verify(userToken.name, global.config.security.secretKey)
      } catch (error) {
        if(error.name == 'TokenExpiredError') {
          tokenMsg = 'token已过期'
        }
        throw new global.errors.Forbbiden(tokenMsg)
      }

      if(decode.scope < this.level) {
        tokenMsg = '权限不足'
        throw new global.errors.Forbbiden(tokenMsg)
      }

      ctx.auth = {
        uid: decode.uid,
        scope: decode.scope
      }

      await next()
    }
  }
}

module.exports = {
  Auth
}
